"GPS jammers are believed to be mostly used by people driving vehicles fitted with tracking devices in order to mask their whereabouts."

But of course it causes troubles for others.

Comment from kashmarek on 2012-02-21
Make that "grenade"

Comment from kashmarek on 2012-02-21
The Transparency Gredade...?

Comment from LinkTheValiant on 2012-02-21
I wonder if Target (or other stores) attempt to track the pay-with-cash-only customers and assign them unique, persistent ID's.

Of course they do. This is what customer loyalty cards are for. I'm not sure what other "non-intrusive" measures are possible to track cash customers though. But most cash customers use cash for financial reasons rather than privacy, (so far as I know,) so unless the customer is at least minimally paranoid, stores won't have too much trouble implementing new tracking methods.

Comment from kingsnake on 2012-02-21
Squid fly to save energy: http://www.nature.com/news/squid-can-fly-to-save-energy-1.10060

Comment from karrde (http://wildekarrde.mee.nu) on 2012-02-20
This is not the kind of news-story I normally pay attention to, but was forwarded to me by an old acquaintance with a note about information leakage.

This could be viewed as one of the side effects of Big Data. Lots of large corporations collect data automatically, especially corporations selling items to customers.

Thus, a store like Target has the ability to see purchasing patterns associated with large, life-changing events. And it's very hard for a customer to hide this data.

I wonder if Target (or other stores) attempt to track the pay-with-cash-only customers and assign them unique, persistent ID's.

Comment from Richard Birenheide on 2012-02-20
@Nathanel L.
Only the key is encrypted homomorphically if I understand the website correctly. Data processing is still being done at customer site. More interesting would be homomorphic encryption which allows processing masses of encrypted data (in the cloud).

Comment from MW on 2012-02-19
Slashdot reports "GSM cellular networks leak enough location data to give third-parties secret access to cellphone users' whereabouts, according to new University of Minnesota research." http://yro.slashdot.org/story/12/02/20/010216/leaky-cellphone-nets-can-give-attackers-your-location

Comment from Anonymouse on 2012-02-19
@Clive Robinson
This goes well beyond the needs of the EU retention directive (nasty as it is) and well beyond what *any other democracy in the world* feels is needed.
Hell, we didn't even need this when the IRA terrorists were actually *blowing people up every month*.

Comment from Clive Robinson on 2012-02-19
@ Anonymouse,

Looks like the English are going hell for leather towards 1984

It's a bit more complicated than it first appears.

First off it needs to be said that the "torygraph" is so far right of center even the US "tea baggers" think it's run by people so right wing they would be embarrassed to be seen in their company.

Also the UK did not think this up by itself, it comes from an EU Directive... Which it is rumoured was formulated by Ms Merkel's friends to get around the restraint of German privacy Laws brought in many years ago to stop a repeat of dictatorships like the "National Socialist Party" (Nazis and their ilk to the rest of us).

However they say things come "full circle" and in this case the "torygraph's" hate for all things EU has taken it so far right of center it's crossed the political "international dateline" and thus appears in this case to be well to the left of "the loony left"...

Comment from Anonymouse on 2012-02-19
Looks like the English are going hell for leather towards 1984.

It's claimed "Direct messages between subscribers to websites such as Twitter would also be stored, as well as communications between players in online video games."
Anyone care to comment on the feasibility of cracking SSL on this scale ? What about breaking DNSSEC ?
And how are they going to decode every web site's protocol to extract the message ?

Comment from Vles on 2012-02-19
No reporter seems to have asked any questions regarding anything remotely like security.

What about them being implanted against your will or without you being aware?

Comment from Petréa Mitchell on 2012-02-19
As an addendum to the NYPD article, my SO adds that it already has an established record of operating even further outside its geographical boundaries. Here's an article on a gun-buying sting in Arizona last year, part of a nationwide operation going back to at least 2006.

Not only was this done without the knowledge of the local authorities or the ATF, the alleged illegal sales are not, according to the ATF agent quoted, actually illegal. The mayor of NYC claims the sting operation broke no laws since the people who actually went to the gun show to perform the sting were all residents of Arizona.

Comment from kashmarek on 2012-02-19
Found on Slashdot, more British spying...

Comment from Clive Robinson on 2012-02-19
OFF Topic:

Of historic interest is John Nash's (he of "A Beautiful Mind" biography/film) letter to the NSA shortly after they were formed. It predicted several advances in the mathematical outlook in cryptography as much as a quarter of a century before they became common in the public cryptographic world.

Comment from Zaphod on 2012-02-19
Wholesale surveillance of the UK population comes a step closer.

Comment from A blog reader on 2012-02-19
Mother Jones has an article about trucks that transport nuclear weapons and weapon components via US highways. Then again, this may or may not be a particularly great concern as security issues go.

Comment from Petréa Mitchell on 2012-02-18
There have been several stories over the last few months about the NYPD becoming so paranoid about Muslim terrorists that it's been getting itself military weapons, inviting anti-Islamic fringe "experts" in to give training sessions, working with the CIA to monitor Muslims without cause all over the city, and possibly stepping into the FBI and CIA's jurisdiction through its own efforts.

Comment from NobodySpecial on 2012-02-18
DNA matches don't match the whole sequence. It would be rather pointless anyway since we share rather a lot of our DNA with other individuals (and species) - so they use short sequences of non-coding DNA.

In theory since this DNA doesn't code for any vital function it is more random. In practice if you are from a small genetic population it can be very non-random.

Of course - courts, prosecutors and police are very careful to explain the difference between population and sample statistics to a jury, and most juries are highly expert in Bayesian statistical techniques.

Comment from A Nonny Bunny on 2012-02-18
@Daniel,
15 minutes is only for very short gene sequences. To sequence the whole genome of a person that device would take 6 hours. And it's currently not able to do that, they're still working on the version that can.

Comment from Daniel on 2012-02-18
A few weeks ago I linked to an article about a new device that could process a DNA sequence in a day and speculated that we would see that time cut in 1/2 within five years (IIRC).

My bad.

It took one month and we are now down to fifteen minutes in a unit the size of a thumb drive.

So now I'll say that within five years every beat cop and squad car will have one and within a decade your DNA will be encoded on your driver's license.

Comment from A blog reader on 2012-02-18
To protect children, "intensive parenting" (with lots of oversight and restrictions imposed by parents) may not always lead to increased safety and security, and many persons may not be experts at risk assessment. Lenore Skenazy at FreeRangeKids talked about the issue of parents being essentially forced to practice "intensive parenting" due to the possibility of otherwise being charged with child abuse/neglect. Law professor David Pimentel mentioned such factors as media attention towards unusual but spectacular risks, and that this could contribute to prosecutors and jurors coming to view excessively protective and sheltered child-raising as the "legal standard of care."

Comment from richrumble on 2012-02-17
University Laptops stolen on purpose to demonstrate and shore up security policies and procedures: http://www.utwente.nl/en/archive/2012/02/stealing_for_science.doc/
-rich

Comment from Daniel on 2012-02-17
The NYT has an article called "How Companies Learn Your Secrets". The short answer seems to be by bribing, manipulating, and lying to you. But the article takes six web pages to say that, presumably to up the page views for the NYT advertisers.

The International Federation of the Phonographic Industry's annual report on the music industry has interesting data both on the amount of piracy taking place and music industry efforts to combat it (second half of .pdf)

Comment from on 2012-02-17
The newswires are ablaze with stories on the first successful human trial of delivering drugs from an implanted microchip which is triggered by wireless signals. No reporter seems to have asked any questions regarding anything remotely like security.

Comment from Steve on 2012-02-17
How long do you think it will be before Governments/courts start doing password bounties?

Is there something preventing them from doing this?

Such as password reuse which will cause problems for the person or sensitive information in the password like it could contain a SS#?

Since all you need is the header/parts of the encrypted data those can be given out and anyone can try to crack it. Speaking of... is there any software that hides where the "header" is depending on the password?

Comment from NobodySpecial on 2012-02-17
1-2-3-4-5? That's the stupidest combination I've ever heard of in my life!
That's the kinda thing an idiot would have on his luggage!

Comment from Thunderbird on 2012-02-17
I'm assuming you know the "drunk squid wants to fight you" image ? If not, just google it. I'll never hang my coat or jacket without thinking of that one...
To save others the problems of finding it, I'll note it appears to be "drunken octopus" instead of "drunken squid." And you're right--it sure will always be in my mind when I see one again.

Comment from Brandon on 2012-02-17
If the hacker group Anonymous is to be believed, one Middle Eastern dictator's email password is "12345" ... or it was, until they decided to share much of his (and his staff's) email with the world. Can this really be true?

Comment from Paul on 2012-02-17
I'm assuming you know the "drunk squid wants to fight you" image ? If not, just google it. I'll never hang my coat or jacket without thinking of that one...